The current safety settings of your browser limit the execution of certain elements of this site. To offer the best possible support and to make the navigation on our site as convenient as possible for you it is mandatory to accept JavaScript in the settings of your browser.

To receive a flawless presentation please follow these instructions.

Mozilla Firefox

In the address bar, type "about:config" (with no quotes), and press Enter.
Click "I'll be careful, I promise"
In the search bar, search for "javascript.enabled" (with no quotes).
Right click or double click the result named "javascript.disabled" and change to "enabled".
JavaScript is now enabled.

Tamper with the integrity of the Intel® CSME file system directories or the Server Platform Services and Trusted Execution Environment (Intel® TXE) data files.

Mitigations described in INTEL-SA-00086 do not prevent the issue since an attacker with physical access to the system may be able to roll back to an earlier Intel CSME firmware affected by CVE-2017-5705, CVE-2017-5706 and CVE-2017-5707.

In 1998, Daniel Bleichenbacher discovered that the error messages given by SSL servers for errors in the PKCS #1 v1.5 padding allowed an adaptive-chosen cipher text attack. Nineteen years later, security researchers discovered that by using some slight variations, this vulnerability can still be used against many HTTPS hosts in today's Internet. The researchers dubbed it the Return Of Bleichenbacher Oracle, the ROBOT attack (https://robotattack.org/ ). This updated ROBOT attack affects the confidentiality of Seamless Remote Attestation with Transport Layer Security (TLS) when used with RSA encryption.

A number of Fujitsu products are affected by these vulnerabilities. Fujitsu is working to distribute patches for all affected products that are currently supported. Older systems that are no longer supported will not be patched.

After downloading the *.zip file containing the ME Firmware Update Pack extract all files/folders/subfolders in the Firmware.ME folder (\Firmware.ME) of the zip file to the desired directory on the hard drive.

Step 4: ME Update Procedure.

"Firmware.ME" contains the ME update files which can be used in Windows environment. Run "update.bat" in Windows cmd environment with administrative privileges to start the ME flash procedure. Please choose 32-bit or 64-bit folder if using a Windows 32-bit or a Windows 64-bit installation.

Hints:

To run the ME Update procedure using a Windows installation, it is necessary to have the Windows "HECI" driver installed. Please use the Intel(R) Active Management Technology Driver package for Windows.

To run the ME Update procedure using a Windows PE installation, it is necessary to have the Windows "HECI" driver installed. This can be done at runtime by "drvload.exe< Path to HECI.INF>\HECI.INF". The "HECI" driver can be extracted from the Intel(R) Active Management Technology Driver package for Windows.

Fujitsu does not manufacture the affected microprocessors that Fujitsu buys from third party suppliers and integrates into its products. Therefore, this communication is based on the information and recommendations Fujitsu has received from the third party suppliers of the affected microprocessors. Fujitsu does not warrant that this communication is applicable or complete for all customers and all situations. Fujitsu recommends that customers determine the applicability of this communication to their individual situation and take appropriate measures. Fujitsu is not liable for any damages or other negative effects resulting from customers’ use of this communication. All details of this communication are provided "as is" without any warranty or guarantee. Fujitsu reserves the right to change or update this communication at any time.
Websites of other companies referred to in this communication are the sole responsibility of such other companies. Fujitsu does not assume any liability with respect to any information and materials provided by its suppliers, including on such websites.
Designations may be protected by trademarks and/or copyrights of Fujitsu or the respective owners, the use of which by third parties for their own purposes may infringe the rights of such owners.